Create & Init Project...

2019-04-22 18:49:16 +08:00
commit fc4fa37393
25440 changed files with 4054998 additions and 0 deletions
--- a/app/interface/main/reply/http/BUILD
+++ b/app/interface/main/reply/http/BUILD
@@ -0,0 +1,51 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "cursor.go",
+        "http.go",
+        "local.go",
+        "reply.go",
+        "reply_admin.go",
+        "reply_record.go",
+        "reply_report.go",
+        "xreply.go",
+    ],
+    importpath = "go-common/app/interface/main/reply/http",
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+    deps = [
+        "//app/interface/main/reply/conf:go_default_library",
+        "//app/interface/main/reply/model/adminlog:go_default_library",
+        "//app/interface/main/reply/model/reply:go_default_library",
+        "//app/interface/main/reply/model/xreply:go_default_library",
+        "//app/interface/main/reply/service:go_default_library",
+        "//library/ecode:go_default_library",
+        "//library/log:go_default_library",
+        "//library/net/http/blademaster:go_default_library",
+        "//library/net/http/blademaster/middleware/auth:go_default_library",
+        "//library/net/http/blademaster/middleware/verify:go_default_library",
+        "//library/net/metadata:go_default_library",
+        "//library/xstr:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
--- a/app/interface/main/reply/http/cursor.go
+++ b/app/interface/main/reply/http/cursor.go
@@ -0,0 +1,418 @@
+package http
+
+import (
+	"strconv"
+
+	"go-common/app/interface/main/reply/conf"
+	model "go-common/app/interface/main/reply/model/reply"
+	xmodel "go-common/app/interface/main/reply/model/xreply"
+	"go-common/library/ecode"
+	"go-common/library/log"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/net/metadata"
+)
+
+func subReplyByCursor(ctx *bm.Context) {
+	params := ctx.Request.Form
+	oid, err := strconv.ParseInt(params.Get("oid"), 10, 64)
+	if err != nil {
+		ctx.JSON(nil, ecode.RequestErr)
+		return
+	}
+	var build int64
+	appStr := params.Get("mobi_app")
+	buildStr := params.Get("build")
+	if buildStr != "" {
+		build, err = strconv.ParseInt(buildStr, 10, 64)
+		if err != nil {
+			log.Warn("strconv.ParseInt(build %s) err(%v)", buildStr, err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+	}
+
+	otyp, err := strconv.ParseInt(params.Get("type"), 10, 8)
+	if err != nil {
+		ctx.JSON(nil, ecode.RequestErr)
+		return
+	}
+
+	var size int64
+	if params.Get("size") != "" {
+		size, err = strconv.ParseInt(params.Get("size"), 10, 64)
+		if err != nil {
+			ctx.JSON(nil, ecode.RequestErr)
+			return
+		}
+	}
+	if size <= 0 || size > int64(conf.Conf.Reply.MaxPageSize) {
+		size = int64(conf.Conf.Reply.MaxPageSize)
+	}
+	var (
+		rootID  int64
+		replyID int64
+		cursor  *model.Cursor
+	)
+
+	if params.Get("rpid") != "" {
+		// jump subReply
+		replyID, err = strconv.ParseInt(params.Get("rpid"), 10, 64)
+		if err != nil {
+			ctx.JSON(nil, ecode.RequestErr)
+			return
+		}
+		rootID, cursor, err = rpSvr.NewSubCursorByReplyID(ctx, oid, int8(otyp), replyID, int(size), model.OrderASC)
+		if err != nil {
+			ctx.JSON(nil, err)
+			return
+		}
+	} else {
+		var maxID, minID int64
+		if params.Get("min_id") != "" {
+			minID, err = strconv.ParseInt(params.Get("min_id"), 10, 64)
+			if err != nil {
+				ctx.JSON(nil, ecode.RequestErr)
+				return
+			}
+		}
+		if params.Get("max_id") != "" {
+			maxID, err = strconv.ParseInt(params.Get("max_id"), 10, 64)
+			if err != nil {
+				ctx.JSON(nil, ecode.RequestErr)
+				return
+			}
+		}
+		cursor, err = model.NewCursor(maxID, minID, int(size), model.OrderASC)
+		if err != nil {
+			ctx.JSON(nil, ecode.RequestErr)
+			return
+		}
+	}
+	if rootID <= 0 {
+		rootID, err = strconv.ParseInt(params.Get("root"), 10, 64)
+		if err != nil {
+			ctx.JSON(nil, ecode.RequestErr)
+			return
+		}
+	}
+	var (
+		showFolded bool
+		scene      int64
+	)
+
+	// 消息中心折叠的评论也要给加回来，这里约定他们传一个scene=1
+	if params.Get("scene") != "" {
+		scene, _ = strconv.ParseInt(params.Get("scene"), 10, 64)
+	}
+	if model.ShouldShowFolded(params.Get("mobi_app"), build, scene) {
+		showFolded = true
+	}
+	// 这里老版本折叠评论也要显示
+	cursorParams := &model.CursorParams{
+		IP:         metadata.String(ctx, metadata.RemoteIP),
+		Oid:        oid,
+		RootID:     rootID,
+		OTyp:       int8(otyp),
+		HTMLEscape: params.Get("mobi_app") == "",
+		Cursor:     cursor,
+		ShowFolded: showFolded,
+	}
+
+	if m, ok := ctx.Get("mid"); ok {
+		cursorParams.Mid = m.(int64)
+	}
+	cursorRes, err := rpSvr.GetSubReplyListByCursor(ctx, cursorParams)
+	if err != nil {
+		ctx.JSON(nil, err)
+		return
+	}
+	var blacklist, assist int
+	if mid := cursorParams.Mid; mid > 0 {
+		if !rpSvr.IsWhiteAid(cursorParams.Oid, int8(cursorParams.OTyp)) {
+			if rpSvr.RelationBlocked(ctx, cursorRes.Subject.Mid, mid) {
+				blacklist = 1
+			}
+			if ok, _ := rpSvr.CheckAssist(ctx, cursorRes.Subject.Mid, mid); ok {
+				assist = 1
+			}
+		}
+	}
+	var config xmodel.ReplyConfig
+	config.ShowFloor = 1
+	if !rpSvr.ShowFloor(cursorParams.Oid, cursorParams.OTyp) {
+		config.ShowFloor = 0
+	}
+	rootReply := cursorRes.Roots[0]
+	if showFolded {
+		rootReply.Folder.HasFolded = false
+	}
+	rpSvr.EmojiReplaceI(appStr, build, rootReply)
+	data := map[string]interface{}{
+		"assist":    assist,
+		"blacklist": blacklist,
+		"upper": map[string]interface{}{
+			"mid": cursorRes.Subject.Mid,
+		},
+		"root": rootReply,
+		"cursor": map[string]interface{}{
+			"all_count": rootReply.RCount,
+			"max_id":    cursorRes.CursorRangeMax,
+			"min_id":    cursorRes.CursorRangeMin,
+			"size":      len(rootReply.Replies),
+		},
+		"config": config,
+	}
+	ctx.JSON(data, err)
+}
+
+func replyByCursor(ctx *bm.Context) {
+	params := ctx.Request.Form
+	buvid := ctx.Request.Header.Get("buvid")
+	oid, err := strconv.ParseInt(params.Get("oid"), 10, 64)
+	if err != nil {
+		log.Warn("%v", err)
+		err = ecode.RequestErr
+		ctx.JSON(nil, err)
+		return
+	}
+
+	otyp, err := strconv.ParseInt(params.Get("type"), 10, 8)
+	if err != nil {
+		log.Warn("%v", err)
+		err = ecode.RequestErr
+		ctx.JSON(nil, err)
+		return
+	}
+
+	var sort int64
+	if params.Get("sort") != "" {
+		sort, err = strconv.ParseInt(params.Get("sort"), 10, 8)
+		if err != nil {
+			log.Warn("%v", err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+	}
+
+	plat := int64(model.PlatWeb)
+	if params.Get("plat") != "" {
+		plat, err = strconv.ParseInt(params.Get("plat"), 10, 8)
+		if err != nil {
+			log.Warn("%v", err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+	}
+
+	var build int64
+	if params.Get("build") != "" {
+		build, err = strconv.ParseInt(params.Get("build"), 10, 64)
+		if err != nil {
+			log.Warn("%v", err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+	}
+
+	var size int64
+	if params.Get("size") != "" {
+		size, err = strconv.ParseInt(params.Get("size"), 10, 32)
+		if err != nil {
+			log.Warn("%v", err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+	}
+	if size <= 0 || size > int64(conf.Conf.Reply.MaxPageSize) {
+		size = int64(conf.Conf.Reply.MaxPageSize)
+	}
+
+	var (
+		replyID int64
+		cursor  *model.Cursor
+	)
+
+	if params.Get("rpid") != "" {
+		// jump root reply
+		replyID, err = strconv.ParseInt(params.Get("rpid"), 10, 64)
+		if err != nil {
+			log.Warn("%v", err)
+			err = ecode.RequestErr
+			ctx.JSON(nil, err)
+			return
+		}
+		cursor, err = rpSvr.NewCursorByReplyID(ctx, oid, int8(otyp), replyID, int(size), model.OrderDESC)
+	} else {
+		var maxID, minID int64
+		if params.Get("min_id") != "" {
+			minID, err = strconv.ParseInt(params.Get("min_id"), 10, 64)
+			if err != nil {
+				log.Warn("%v", err)
+				err = ecode.RequestErr
+				ctx.JSON(nil, err)
+				return
+			}
+		}
+		if params.Get("max_id") != "" {
+			maxID, err = strconv.ParseInt(params.Get("max_id"), 10, 64)
+			if err != nil {
+				log.Warn("%v", err)
+				err = ecode.RequestErr
+				ctx.JSON(nil, err)
+				return
+			}
+		}
+		cursor, err = model.NewCursor(maxID, minID, int(size), model.OrderDESC)
+	}
+	if err != nil {
+		log.Warn("%v", err)
+		err = ecode.RequestErr
+		ctx.JSON(nil, err)
+		return
+	}
+	appStr := params.Get("mobi_app")
+	var showFolded bool
+	// 对于根评论 scene传0, 只需要做版本的兼容即可
+	if model.ShouldShowFolded(params.Get("mobi_app"), build, 0) {
+		showFolded = true
+	}
+	cursorParams := &model.CursorParams{
+		IP:         metadata.String(ctx, metadata.RemoteIP),
+		Oid:        oid,
+		OTyp:       int8(otyp),
+		Sort:       int8(sort),
+		HTMLEscape: appStr == "",
+		Cursor:     cursor,
+		HotSize:    5,
+		Mid:        metadata.Int64(ctx, metadata.Mid),
+		ShowFolded: showFolded,
+	}
+
+	if m, ok := ctx.Get("mid"); ok {
+		cursorParams.Mid = m.(int64)
+	}
+
+	cursorRes, err := rpSvr.GetRootReplyListByCursor(ctx, cursorParams)
+	if err != nil {
+		ctx.JSON(nil, err)
+		return
+	}
+	var blacklist, assist int
+	if mid := cursorParams.Mid; mid > 0 {
+		if !rpSvr.IsWhiteAid(cursorParams.Oid, int8(cursorParams.OTyp)) {
+			if rpSvr.RelationBlocked(ctx, cursorRes.Subject.Mid, mid) {
+				blacklist = 1
+			}
+			if ok, _ := rpSvr.CheckAssist(ctx, cursorRes.Subject.Mid, mid); ok {
+				assist = 1
+			}
+		}
+	}
+	rpSvr.EmojiReplace(int8(plat), build, cursorRes.Roots...)
+	rpSvr.EmojiReplaceI(appStr, build, cursorRes.Roots...)
+	cursorRes.Roots = rpSvr.FilDelReply(cursorRes.Roots)
+	m := map[string]interface{}{
+		"assist":    assist,
+		"blacklist": blacklist,
+		"replies":   cursorRes.Roots,
+		"upper": map[string]interface{}{
+			"mid": cursorRes.Subject.Mid,
+		},
+		"cursor": map[string]interface{}{
+			"all_count": cursorRes.Subject.ACount,
+			"max_id":    cursorRes.CursorRangeMax,
+			"min_id":    cursorRes.CursorRangeMin,
+			"size":      len(cursorRes.Roots),
+		},
+	}
+	if cursorRes.Header != nil {
+		rpSvr.EmojiReplace(int8(plat), build, cursorRes.Header.Hots...)
+		rpSvr.EmojiReplace(int8(plat), build, cursorRes.Header.TopAdmin)
+		rpSvr.EmojiReplace(int8(plat), build, cursorRes.Header.TopUpper)
+		rpSvr.EmojiReplaceI(appStr, build, cursorRes.Header.Hots...)
+		rpSvr.EmojiReplaceI(appStr, build, cursorRes.Header.TopAdmin)
+		rpSvr.EmojiReplaceI(appStr, build, cursorRes.Header.TopUpper)
+		cursorRes.Header.Hots = rpSvr.FilDelReply(cursorRes.Header.Hots)
+		showEntry, showAdmin, showFloor := 1, 1, 1
+		if config, _ := rpSvr.GetReplyLogConfig(ctx, cursorRes.Subject, 1); config != nil {
+			showEntry = int(config.ShowEntry)
+			showAdmin = int(config.ShowAdmin)
+		}
+		if !rpSvr.ShowFloor(cursorParams.Oid, cursorParams.OTyp) {
+			showFloor = 0
+		}
+		m["config"] = map[string]int{
+			"showentry": showEntry,
+			"showadmin": showAdmin,
+			"showfloor": showFloor,
+		}
+		if cursorRes.Subject.RCount <= 20 && len(cursorRes.Header.Hots) > 0 {
+			cursorRes.Header.Hots = cursorRes.Header.Hots[:0]
+		}
+		m["hots"] = cursorRes.Header.Hots
+		m["notice"] = rpSvr.RplyNotice(ctx, int8(plat), build, appStr, buvid)
+		m["top"] = map[string]interface{}{
+			"admin": cursorRes.Header.TopAdmin,
+			"upper": cursorRes.Header.TopUpper,
+		}
+	}
+	ctx.JSON(m, err)
+}
+
+func dialogByCursor(c *bm.Context) {
+	var mid int64
+	v := new(struct {
+		Oid      int64  `form:"oid" validate:"required"`
+		Type     int8   `form:"type" validate:"required"`
+		Root     int64  `form:"root" validate:"required"`
+		Dialog   int64  `form:"dialog" validate:"required"`
+		Size     int    `form:"size" validate:"min=1"`
+		MinFloor int64  `form:"min_floor"`
+		MaxFloor int64  `form:"max_floor"`
+		Plat     int64  `form:"plat"`
+		Build    int64  `form:"build"`
+		MobiApp  string `form:"mobi_app"`
+	})
+	// buvid := c.Request.Header.Get("buvid")
+	var err error
+	err = c.Bind(v)
+	if err != nil {
+		return
+	}
+	if v.Size > conf.Conf.Reply.MaxPageSize {
+		v.Size = conf.Conf.Reply.MaxPageSize
+	}
+	if m, ok := c.Get("mid"); ok {
+		mid = m.(int64)
+	}
+	cursor, err := model.NewCursor(v.MaxFloor, v.MinFloor, v.Size, model.OrderASC)
+	if err != nil {
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rps, dialogCursor, dialogMeta, err := rpSvr.DialogByCursor(c, mid, v.Oid, v.Type, v.Root, v.Dialog, cursor)
+	if err != nil {
+		log.Error("rpSvr.DialogByCursor error (%v)", err)
+		c.JSON(nil, err)
+		return
+	}
+	rpSvr.EmojiReplaceI(v.MobiApp, v.Build, rps...)
+	var config xmodel.ReplyConfig
+	config.ShowFloor = 1
+	if !rpSvr.ShowFloor(v.Oid, v.Type) {
+		config.ShowFloor = 0
+	}
+	data := map[string]interface{}{
+		"cursor":  dialogCursor,
+		"dialog":  dialogMeta,
+		"replies": rps,
+		"config":  config,
+	}
+	c.JSON(data, nil)
+}
--- a/app/interface/main/reply/http/http.go
+++ b/app/interface/main/reply/http/http.go
@@ -0,0 +1,106 @@
+package http
+
+import (
+	"go-common/app/interface/main/reply/conf"
+	"go-common/app/interface/main/reply/service"
+	"go-common/library/log"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/net/http/blademaster/middleware/auth"
+	"go-common/library/net/http/blademaster/middleware/verify"
+)
+
+var (
+	cnf       *conf.Config
+	rpSvr     *service.Service
+	authSvc   *auth.Auth
+	verifySvc *verify.Verify
+)
+
+// Init init http
+func Init(c *conf.Config) {
+	initService(c)
+	engine := bm.DefaultServer(c.BM)
+	outerRouter(engine)
+	interRouter(engine)
+	if err := engine.Start(); err != nil {
+		log.Error("xhttp.Serve error(%v)", err)
+		panic(err)
+	}
+}
+
+func initService(c *conf.Config) {
+	cnf = c
+	authSvc = auth.New(c.Auth)
+	verifySvc = verify.New(c.Verify)
+	rpSvr = service.New(conf.Conf)
+}
+
+func outerRouter(e *bm.Engine) {
+	// init api
+	e.GET("/monitor/ping", ping)
+	// reply
+	group := e.Group("/x/v2/reply")
+	{
+		group.GET("", authSvc.Guest, reply)
+		group.GET("/cursor", authSvc.Guest, replyByCursor)
+		group.GET("/reply/cursor", authSvc.Guest, subReplyByCursor)
+		group.GET("/hot", replyHots)
+		group.GET("/emojis", emojis)
+		group.GET("/web/emojis", emojis)
+		group.GET("/info", authSvc.Guest, replyInfo)
+		group.GET("/minfo", authSvc.Guest, replyMultiInfo)
+		group.GET("/reply", authSvc.Guest, replyReply)
+		group.GET("/jump", authSvc.Guest, jumpReply)
+		group.GET("/count", authSvc.Guest, replyCount)
+		group.GET("/mcount", authSvc.Guest, replyMultiCount)
+		group.GET("/log", authSvc.Guest, replyAdminLog)
+		group.POST("/add", authSvc.User, addReply)
+		group.POST("/action", authSvc.User, likeReply)
+		group.POST("/hate", authSvc.User, hateReply)
+		group.POST("/show", authSvc.User, showReply)
+		group.POST("/hide", authSvc.User, hideReply)
+		group.POST("/del", authSvc.User, delReply)
+		group.POST("/top", authSvc.User, AddTopReply)
+		group.POST("/report", authSvc.User, reportReply)
+		group.GET("/topics", authSvc.Guest, getTopics)
+		group.GET("/report/related", authSvc.Guest, reportRelated)
+		group.GET("/report/reply", authSvc.Guest, reportSndReply)
+		group.GET("/dialog", authSvc.Guest, dialog)
+		group.GET("/dialog/cursor", authSvc.Guest, dialogByCursor)
+		// 5.37需求
+		group.GET("/main", authSvc.Guest, xreply)
+		group.GET("/folded", authSvc.Guest, subFolder)
+		group.GET("/reply/folded", authSvc.Guest, rootFolder)
+	}
+}
+
+func interRouter(e *bm.Engine) {
+	// internal admin
+	group := e.Group("/x/internal/v2/reply")
+	{
+		group.GET("/subject", verifySvc.Verify, adminSubject)
+		group.POST("/subject/mid", verifySvc.Verify, adminSubjectMid)
+		group.GET("/hot", verifySvc.Verify, replyHots)
+		group.POST("/subject/state", verifySvc.Verify, adminSubjectState)
+		group.POST("/subject/regist", verifySvc.Verify, adminSubRegist)
+		group.POST("/audit", verifySvc.Verify, adminAuditSub)
+		group.POST("/pass", verifySvc.Verify, adminPassReply)
+		group.POST("/recover", verifySvc.Verify, adminRecoverReply)
+		group.POST("/edit", verifySvc.Verify, adminEditReply)
+		group.POST("/del", verifySvc.Verify, adminDelReply)
+		group.POST("/top", verifySvc.Verify, adminAddTopReply)
+		group.POST("/report/del", verifySvc.Verify, adminDelReplyByReport)
+		group.POST("/report/ignore", verifySvc.Verify, adminIgnoreReport)
+		group.POST("/report/recover", verifySvc.Verify, adminReportRecover)
+		group.POST("/report/transfer", verifySvc.Verify, adminTransferReport)
+		group.POST("/report/state", verifySvc.Verify, adminReportStateSet)
+		group.GET("/info", verifySvc.Verify, replyInfo)
+		group.GET("/count", verifySvc.Verify, replyCount)
+		group.GET("/counts", verifySvc.Verify, replyCounts)
+		group.GET("/minfo", verifySvc.Verify, replyMultiInfo)
+		group.GET("/mcount", verifySvc.Verify, replyMultiCount)
+		group.GET("/record", verifySvc.Verify, replyRecord)
+		group.GET("/hots", verifySvc.Verify, hotsBatch)
+		group.GET("/ishot", isHotReply)
+	}
+}
--- a/app/interface/main/reply/http/local.go
+++ b/app/interface/main/reply/http/local.go
@@ -0,0 +1,16 @@
+package http
+
+import (
+	"net/http"
+
+	"go-common/library/log"
+	bm "go-common/library/net/http/blademaster"
+)
+
+// ping check server ok.
+func ping(c *bm.Context) {
+	if err := rpSvr.Ping(c); err != nil {
+		log.Error("reply interface ping error")
+		c.AbortWithStatus(http.StatusServiceUnavailable)
+	}
+}
--- a/app/interface/main/reply/http/reply.go
+++ b/app/interface/main/reply/http/reply.go
--- a/app/interface/main/reply/http/reply_admin.go
+++ b/app/interface/main/reply/http/reply_admin.go
@@ -0,0 +1,782 @@
+package http
+
+import (
+	"strconv"
+	"strings"
+	"text/template"
+
+	"go-common/app/interface/main/reply/conf"
+	"go-common/library/ecode"
+	"go-common/library/log"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/xstr"
+)
+
+const (
+	_remarkLength = 200
+)
+
+func adminSubjectMid(c *bm.Context) {
+	var (
+		err  error
+		tp   int64
+		oid  int64
+		mid  int64
+		adid int64
+	)
+	params := c.Request.Form
+	tpStr := params.Get("type")
+	oidStr := params.Get("oid")
+	midStr := params.Get("mid")
+	adidStr := params.Get("adid")
+	remark := params.Get("remark")
+	if tp, err = strconv.ParseInt(tpStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if oid, err = strconv.ParseInt(oidStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if mid, err = strconv.ParseInt(midStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", midStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if adid, err = strconv.ParseInt(adidStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	err = rpSvr.AdminSubjectMid(c, adid, mid, oid, int8(tp), remark)
+	c.JSON(nil, err)
+}
+
+func adminSubRegist(c *bm.Context) {
+	var (
+		err   error
+		oid   int64
+		tp    int64
+		state int64
+		mid   int64
+	)
+
+	params := c.Request.Form
+	midStr := params.Get("mid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	stateStr := params.Get("state")
+	appkey := params.Get("appkey")
+	if oid, err = strconv.ParseInt(oidStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if mid, err = strconv.ParseInt(midStr, 10, 64); err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", midStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+
+	if stateStr != "" {
+		if state, err = strconv.ParseInt(stateStr, 10, 8); err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", stateStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	if tpStr != "" {
+		if tp, err = strconv.ParseInt(tpStr, 10, 8); err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	err = rpSvr.AdminSubRegist(c, oid, mid, int8(tp), int8(state), appkey)
+	c.JSON(nil, err)
+}
+
+func adminSubject(c *bm.Context) {
+
+	params := c.Request.Form
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	sub, err := rpSvr.AdminGetSubject(c, oid, int8(tp))
+	if err != nil {
+		log.Warn("rpSvr.AdminGetSubjectState(oid%d,tp,%d)error(%v)", oid, int8(tp))
+		c.JSON(nil, err)
+		return
+	}
+	c.JSON(sub, nil)
+}
+
+// adminModifySubject modify subject state.
+func adminSubjectState(c *bm.Context) {
+	var (
+		err error
+		mid int64
+	)
+
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	stateStr := params.Get("state")
+	midStr := params.Get("mid")
+	remark := params.Get("remark")
+	// check params
+	remark = strings.TrimSpace(remark)
+	rml := len([]rune(remark))
+	if rml > _remarkLength {
+		log.Warn("remark(%s) length %d, max %d", remark, rml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	state, err := strconv.ParseInt(stateStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", stateStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if midStr != "" {
+		if mid, err = strconv.ParseInt(midStr, 10, 64); err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", midStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	err = rpSvr.AdminSubjectState(c, adid, oid, mid, int8(tp), int8(state), remark)
+	c.JSON(nil, err)
+}
+
+func adminAuditSub(c *bm.Context) {
+
+}
+
+// adminPassReply pass reply normal.
+func adminPassReply(c *bm.Context) {
+	var err error
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	remark := params.Get("remark")
+	// check params
+	remark = strings.TrimSpace(remark)
+	rml := len([]rune(remark))
+	if rml > _remarkLength {
+		log.Warn("remark(%s) length %d, max %d", remark, rml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	// remark = template.JSEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if len(oids) != len(rpIDs) {
+		log.Warn("oids:%s rpIDs:%s ", oids, rpIDs)
+		return
+	}
+	for i := 0; i < len(oids); i++ {
+		err = rpSvr.AdminPass(c, adid, oids[i], rpIDs[i], int8(tp), remark)
+	}
+	c.JSON(nil, err)
+}
+
+// adminRecoverReply recover reply normal.
+func adminRecoverReply(c *bm.Context) {
+	var err error
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	remark := params.Get("remark")
+	// check params
+	remark = strings.TrimSpace(remark)
+	rml := len([]rune(remark))
+	if rml > _remarkLength {
+		log.Warn("remark(%s) length %d, max %d", remark, rml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpID, err := strconv.ParseInt(rpIDStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	err = rpSvr.AdminRecover(c, adid, oid, rpID, int8(tp), remark)
+	c.JSON(nil, err)
+}
+
+// adminEditReply edit reply content by admin.
+func adminEditReply(c *bm.Context) {
+	var err error
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	msg := params.Get("message")
+	remark := params.Get("remark")
+	// check params
+	msg = strings.TrimSpace(msg)
+	ml := len([]rune(msg))
+	if conf.Conf.Reply.MaxConLen < ml || ml < conf.Conf.Reply.MinConLen {
+		log.Warn("content(%s) length %d, max %d, min %d", msg, ml, conf.Conf.Reply.MaxConLen, conf.Conf.Reply.MinConLen)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	msg = template.HTMLEscapeString(msg)
+	remark = strings.TrimSpace(remark)
+	rml := len([]rune(remark))
+	if rml > _remarkLength {
+		log.Warn("remark(%s) length %d, max %d", remark, rml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpID, err := strconv.ParseInt(rpIDStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	err = rpSvr.AdminEdit(c, adid, oid, rpID, int8(tp), msg, remark)
+	c.JSON(nil, err)
+}
+
+// report reason
+const (
+	TypeReportReasonOthers = 0
+)
+
+// _delReply delete reply, this call be limited to this file.
+func _delReply(c *bm.Context, isReport bool) {
+	var (
+		err     error
+		reason  int64
+		freason int64
+	)
+
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	adname := params.Get("adname")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	morStr := params.Get("moral")
+	notStr := params.Get("notify")
+	remark := params.Get("remark")
+	ftimeStr := params.Get("ftime")
+	auditStr := params.Get("audit")
+	reasonStr := params.Get("reason")
+	content := params.Get("reason_content")
+	freasonStr := params.Get("freason")
+	// check params
+	remark = strings.TrimSpace(remark)
+	ml := len([]rune(remark))
+	if ml > _remarkLength {
+		log.Warn("remark (%s) length %d, max %d", remark, ml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tps, err := xstr.SplitInts(tpStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	moral, err := strconv.ParseInt(morStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	notify, err := strconv.ParseBool(notStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if reasonStr != "" {
+		if reason, err = strconv.ParseInt(reasonStr, 10, 64); err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", reasonStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	if freasonStr != "" {
+		if freason, err = strconv.ParseInt(freasonStr, 10, 64); err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", freasonStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	ftime, _ := strconv.ParseInt(ftimeStr, 10, 64)
+	audit, _ := strconv.ParseInt(auditStr, 10, 8)
+	if len(oids) == 0 || len(rpIDs) != len(oids) || len(tps) != len(oids) {
+		log.Warn("admin del reply oids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if reason != TypeReportReasonOthers {
+		content = ""
+	}
+	for i := 0; i < len(oids); i++ {
+		if isReport {
+			err = rpSvr.AdminDeleteByReport(c, adid, oids[i], rpIDs[i], ftime, int8(tps[i]), int(moral), notify, adname, remark, int8(audit), int8(reason), content, int8(freason))
+		} else {
+			err = rpSvr.AdminDelete(c, adid, oids[i], rpIDs[i], ftime, int8(tps[i]), int(moral), notify, adname, remark, int8(reason), int8(freason))
+		}
+	}
+	c.JSON(nil, err)
+}
+
+// adminDelReply delete reply by admin.
+func adminDelReply(c *bm.Context) {
+	_delReply(c, false)
+}
+
+// adminDelReplyByReport delete a report reply by admin.
+func adminDelReplyByReport(c *bm.Context) {
+	_delReply(c, true)
+}
+
+func adminReportStateSet(c *bm.Context) {
+
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	stateStr := params.Get("state")
+	var adid int64
+	if adidStr != "" {
+		var err error
+		adid, err = strconv.ParseInt(adidStr, 10, 64)
+		if err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tps, err := xstr.SplitInts(tpStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if len(oids) == 0 || len(rpIDs) != len(oids) || len(tps) != len(oids) {
+		log.Warn("admin set report oids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	state, err := strconv.ParseInt(stateStr, 10, 8)
+	if err != nil {
+		log.Warn("admin set report soids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	for i := 0; i < len(oids); i++ {
+		err = rpSvr.AdminReportStateSet(c, adid, oids[i], rpIDs[i], int8(tps[i]), int8(state))
+	}
+	c.JSON(nil, err)
+}
+
+func adminTransferReport(c *bm.Context) {
+
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	auditStr := params.Get("audit")
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.SplitInts(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.SplitInts(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tps, err := xstr.SplitInts(tpStr)
+	if err != nil {
+		log.Warn("strconv.SplitInts(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if len(oids) == 0 || len(rpIDs) != len(oids) || len(tps) != len(oids) {
+		log.Warn("admin del reply oids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	audit, _ := strconv.ParseInt(auditStr, 10, 8)
+	for i := 0; i < len(oids); i++ {
+		err = rpSvr.AdminReportTransfer(c, adid, oids[i], rpIDs[i], int8(tps[i]), int8(audit))
+	}
+	c.JSON(nil, err)
+}
+
+// adminIgnoreReport ignore a report.
+func adminIgnoreReport(c *bm.Context) {
+	var err error
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	auditStr := params.Get("audit")
+	remark := params.Get("remark")
+	// check params
+	remark = strings.TrimSpace(remark)
+	ml := len([]rune(remark))
+	if ml > _remarkLength {
+		log.Warn("remark (%s) length %d, max %d", remark, ml, 255)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tps, err := xstr.SplitInts(tpStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	audit, _ := strconv.ParseInt(auditStr, 10, 8)
+	if len(oids) == 0 || len(rpIDs) != len(oids) || len(tps) != len(oids) {
+		log.Warn("admin del reply oids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	for i := 0; i < len(oids); i++ {
+		err = rpSvr.AdminReportIgnore(c, adid, oids[i], rpIDs[i], int8(tps[i]), int8(audit), remark)
+	}
+	c.JSON(nil, err)
+}
+
+// adminAddTopReply add top reply
+func adminAddTopReply(c *bm.Context) {
+
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	actStr := params.Get("action")
+	// check params
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpID, err := strconv.ParseInt(rpIDStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	act, err := strconv.ParseInt(actStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(actStr :%s) err(%v)", actStr, err)
+		act = 1
+	}
+	err = rpSvr.AdminAddTop(c, adid, oid, rpID, int8(tp), int8(act))
+	c.JSON(nil, err)
+}
+
+func adminReportRecover(c *bm.Context) {
+	var err error
+	params := c.Request.Form
+	adidStr := params.Get("adid")
+	oidStr := params.Get("oid")
+	tpStr := params.Get("type")
+	rpIDStr := params.Get("rpid")
+	auditStr := params.Get("audit")
+	remark := params.Get("remark")
+	// check params
+	remark = strings.TrimSpace(remark)
+	rml := len([]rune(remark))
+	if rml > _remarkLength {
+		log.Warn("remark(%s) length %d, max %d", remark, rml, _remarkLength)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	remark = template.HTMLEscapeString(remark)
+	adid, err := strconv.ParseInt(adidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", adidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	oids, err := xstr.SplitInts(oidStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIDs, err := xstr.SplitInts(rpIDStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpIDStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tps, err := xstr.SplitInts(tpStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	audit, err := strconv.ParseInt(auditStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if len(oids) == 0 || len(rpIDs) != len(oids) || len(tps) != len(oids) {
+		log.Warn("admin del reply oids: %v, rpIDs: %v, tps: %v", oids, rpIDs, tps)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	for i := 0; i < len(oids); i++ {
+		err = rpSvr.AdminReportRecover(c, adid, oids[i], rpIDs[i], int8(tps[i]), int8(audit), remark)
+	}
+	c.JSON(nil, err)
+}
--- a/app/interface/main/reply/http/reply_record.go
+++ b/app/interface/main/reply/http/reply_record.go
@@ -0,0 +1,84 @@
+package http
+
+import (
+	"strconv"
+
+	"go-common/library/ecode"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/xstr"
+)
+
+func replyRecord(c *bm.Context) {
+	var (
+		err               error
+		types             []int64
+		mid, stime, etime int64
+		pn                = int64(1)
+		ps                = int64(10)
+	)
+	params := c.Request.Form
+	stimeStr := params.Get("stime")
+	etimeStr := params.Get("etime")
+	typesStr := params.Get("types")
+	sortStr := params.Get("sort")
+	orderStr := params.Get("order")
+	pnStr := params.Get("pn")
+	psStr := params.Get("ps")
+	midStr := params.Get("mid")
+	if mid, err = strconv.ParseInt(midStr, 10, 64); err != nil {
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if typesStr != "" {
+		if types, err = xstr.SplitInts(typesStr); err != nil {
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	if stime, err = strconv.ParseInt(stimeStr, 10, 64); err != nil {
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if etime, err = strconv.ParseInt(etimeStr, 10, 64); err != nil {
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if pnStr != "" {
+		if pn, err = strconv.ParseInt(pnStr, 10, 32); err != nil {
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	if psStr != "" {
+		if ps, err = strconv.ParseInt(psStr, 10, 32); err != nil {
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	if orderStr == "" {
+		orderStr = "ctime"
+	}
+	if sortStr == "" {
+		sortStr = "desc"
+	}
+	records, total, err := rpSvr.Records(c, types, mid, stime, etime, orderStr, sortStr, int32(pn), int32(ps))
+	if err != nil {
+		c.JSON(nil, err)
+		return
+	}
+	data := map[string]interface{}{
+		"page": map[string]int64{
+			"num":   pn,
+			"size":  ps,
+			"total": int64(total),
+		},
+		"records": records,
+	}
+	c.JSON(data, err)
+}
--- a/app/interface/main/reply/http/reply_report.go
+++ b/app/interface/main/reply/http/reply_report.go
@@ -0,0 +1,230 @@
+package http
+
+import (
+	"strconv"
+	"strings"
+	"text/template"
+
+	model "go-common/app/interface/main/reply/model/reply"
+	"go-common/library/ecode"
+	"go-common/library/log"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/xstr"
+)
+
+// reportReply report a reply.
+func reportReply(c *bm.Context) {
+	params := c.Request.Form
+	mid, _ := c.Get("mid")
+	oidsStr := params.Get("oid")
+	rpsStr := params.Get("rpid")
+	tpStr := params.Get("type")
+	reaStr := params.Get("reason")
+	cont := params.Get("content")
+	platform := params.Get("platform")
+	buildStr := params.Get("build")
+	buvid := c.Request.Header.Get("buvid")
+	var build int64
+	var err error
+	if buildStr != "" {
+		build, err = strconv.ParseInt(buildStr, 10, 64)
+		if err != nil {
+			log.Warn("strconv.ParseInt(%s) error(%v)", buildStr, err)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+	}
+	// check params
+	oids, err := xstr.SplitInts(oidsStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", oidsStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpIds, err := xstr.SplitInts(rpsStr)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", rpsStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	if len(oids) != len(rpIds) {
+		log.Warn("oids(%s) not equal rpids(%s)", oidsStr, rpsStr)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	reaTmp, err := strconv.ParseInt(reaStr, 10, 8)
+	if err != nil {
+		log.Warn("strconv.ParseInt(%s) error(%v)", reaStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rea := int8(reaTmp)
+	if rea == model.ReportReasonOther {
+		cont = strings.TrimSpace(cont)
+		cl := len([]rune(cont))
+		if 200 < cl || cl < 2 {
+			log.Warn("content(%s) length %d, max 200, min 2", cont, cl)
+			err = ecode.RequestErr
+			c.JSON(nil, err)
+			return
+		}
+		cont = template.HTMLEscapeString(cont)
+	} else {
+		cont = ""
+	}
+	for i := 0; i < len(oids); i++ {
+		cd, err := rpSvr.AddReport(c, mid.(int64), oids[i], rpIds[i], int8(tp), rea, cont, platform, build, buvid)
+		if err != nil {
+			var data map[string]int
+			if err == ecode.ReplyReportDeniedAsCD {
+				data = map[string]int{"ttl": cd}
+			} else {
+				log.Warn("rpSvr.AddReport(%d, %d, %d, %d, %d, %s, %s, %d, %s) error(%v)", mid, oids[i], rpIds[i], tp, rea, cont, err, platform, build, buvid)
+			}
+			c.JSON(data, err)
+			return
+		}
+	}
+	c.JSON(nil, nil)
+}
+
+func reportRelated(c *bm.Context) {
+	var (
+		mid    int64
+		escape = true
+	)
+	params := c.Request.Form
+	oidStr := params.Get("oid")
+	rpidStr := params.Get("root")
+	tpStr := params.Get("type")
+	midIf, ok := c.Get("mid")
+	if ok {
+		mid = midIf.(int64)
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(oid:%d) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpid, err := strconv.ParseInt(rpidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(rpid:%d) error(%v)", rpidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(type:%d) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	// check android and ios appkey
+	// if mobile, no html escape
+	if isMobile(params) {
+		escape = false
+	}
+	sub, root, rels, err := rpSvr.ReportRelated(c, mid, oid, rpid, int8(tp), escape)
+	if err != nil {
+		log.Warn("rpSvr.ReportRelated(%d,%d,%d) error(%v)", oid, rpid, tp, err)
+		c.JSON(nil, err)
+		return
+	}
+	data := map[string]interface{}{
+		"root":    root,
+		"related": rels,
+		"upper": map[string]interface{}{
+			"mid": sub.Mid,
+		},
+	}
+	c.JSON(data, err)
+}
+
+func reportSndReply(c *bm.Context) {
+	var (
+		mid    int64
+		escape = true
+	)
+	params := c.Request.Form
+	oidStr := params.Get("oid")
+	rpidStr := params.Get("root")
+	tpStr := params.Get("type")
+	pnStr := params.Get("pn")
+	psStr := params.Get("ps")
+	midIf, ok := c.Get("mid")
+	if ok {
+		mid = midIf.(int64)
+	}
+	oid, err := strconv.ParseInt(oidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(oid:%d) error(%v)", oidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	rpid, err := strconv.ParseInt(rpidStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(rpid:%d) error(%v)", rpidStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	tp, err := strconv.ParseInt(tpStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(type:%d) error(%v)", tpStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	pn, err := strconv.ParseInt(pnStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(pn:%d) error(%v)", pnStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	ps, err := strconv.ParseInt(psStr, 10, 64)
+	if err != nil {
+		log.Warn("strconv.ParseInt(ps:%d) error(%v)", psStr, err)
+		err = ecode.RequestErr
+		c.JSON(nil, err)
+		return
+	}
+	// check android and ios appkey
+	// if mobile, no html escape
+	if isMobile(params) {
+		escape = false
+	}
+	sub, root, rs, err := rpSvr.ReportReply(c, mid, oid, rpid, int8(tp), int(pn), int(ps), escape)
+	if err != nil {
+		c.JSON(nil, err)
+		return
+	}
+	data := make(map[string]interface{}, 2)
+	data["page"] = map[string]int{
+		"num":   int(pn),
+		"size":  int(ps),
+		"count": root.Count,
+	}
+	data["upper"] = map[string]interface{}{
+		"mid": sub.Mid,
+	}
+	data["root"] = root
+	data["replies"] = rs
+	c.JSON(data, err)
+}
--- a/app/interface/main/reply/http/xreply.go
+++ b/app/interface/main/reply/http/xreply.go
@@ -0,0 +1,50 @@
+package http
+
+import (
+	xmodel "go-common/app/interface/main/reply/model/xreply"
+	"go-common/library/ecode"
+	bm "go-common/library/net/http/blademaster"
+	"go-common/library/net/metadata"
+)
+
+func xreply(c *bm.Context) {
+	v := new(xmodel.ReplyReq)
+	if err := c.Bind(v); err != nil {
+		return
+	}
+	v.Mid = metadata.Int64(c, metadata.Mid)
+	v.IP = metadata.String(c, metadata.RemoteIP)
+	if !v.Cursor.Legal() {
+		c.JSON(nil, ecode.RequestErr)
+		return
+	}
+	c.JSON(rpSvr.Xreply(c, v))
+}
+
+func subFolder(c *bm.Context) {
+	v := new(xmodel.SubFolderReq)
+	if err := c.Bind(v); err != nil {
+		return
+	}
+	v.Mid = metadata.Int64(c, metadata.Mid)
+	v.IP = metadata.String(c, metadata.RemoteIP)
+	if !v.Cursor.Legal() || v.Cursor.Backward() {
+		c.JSON(nil, ecode.RequestErr)
+		return
+	}
+	c.JSON(rpSvr.SubFoldedReply(c, v))
+}
+
+func rootFolder(c *bm.Context) {
+	v := new(xmodel.RootFolderReq)
+	if err := c.Bind(v); err != nil {
+		return
+	}
+	v.Mid = metadata.Int64(c, metadata.Mid)
+	v.IP = metadata.String(c, metadata.RemoteIP)
+	if !v.Cursor.Legal() || v.Cursor.Backward() {
+		c.JSON(nil, ecode.RequestErr)
+		return
+	}
+	c.JSON(rpSvr.RootFoldedReply(c, v))
+}